diff options
author | Tim J. Robbins <tjr@FreeBSD.org> | 2002-11-01 11:53:52 +0000 |
---|---|---|
committer | Tim J. Robbins <tjr@FreeBSD.org> | 2002-11-01 11:53:52 +0000 |
commit | c26c35e7d9d946a90fced6875aee2235ec0fa450 (patch) | |
tree | c154edbabeec317d2c444e8f2d373f7e03f69284 /usr.bin/mkstr | |
parent | a4ff0220ab4efd7dc874f295d2f6a30a231fea2c (diff) | |
download | src-c26c35e7d9d946a90fced6875aee2235ec0fa450.tar.gz src-c26c35e7d9d946a90fced6875aee2235ec0fa450.zip |
Avoid buffer overflow when constructing filenames.
Notes
Notes:
svn path=/head/; revision=106293
Diffstat (limited to 'usr.bin/mkstr')
-rw-r--r-- | usr.bin/mkstr/mkstr.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/usr.bin/mkstr/mkstr.c b/usr.bin/mkstr/mkstr.c index f2d2b610c1e5..ab87c73a8dfd 100644 --- a/usr.bin/mkstr/mkstr.c +++ b/usr.bin/mkstr/mkstr.c @@ -47,6 +47,7 @@ static char sccsid[] = "@(#)mkstr.c 8.1 (Berkeley) 6/6/93"; __FBSDID("$FreeBSD$"); #include <err.h> +#include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -95,6 +96,7 @@ int main(int argc, char *argv[]) { char addon = 0; + size_t namelen; argc--, argv++; if (argc > 1 && argv[0][0] == '-') @@ -109,11 +111,19 @@ main(int argc, char *argv[]) err(1, "%s", argv[0]); inithash(); argc--, argv++; - strcpy(name, argv[0]); - np = name + strlen(name); + namelen = strlcpy(name, argv[0], sizeof(name)); + if (namelen >= sizeof(name)) { + errno = ENAMETOOLONG; + err(1, "%s", argv[0]); + } + np = name + namelen; argc--, argv++; do { - strcpy(np, argv[0]); + if (strlcpy(np, argv[0], sizeof(name) - namelen) >= + sizeof(name) - namelen) { + errno = ENAMETOOLONG; + err(1, "%s%s", name, argv[0]); + } if (freopen(name, "w", stdout) == NULL) err(1, "%s", name); if (freopen(argv[0], "r", stdin) == NULL) |